Bump github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring from 0.55.1 to 0.91.0

[dependabot]

Bumps github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring from 0.55.1 to 0.91.0.

Release notes

Sourced from github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring's releases.

0.91.0 / 2026-05-05

• [CHANGE] Enforce mutual exclusion of basicAuth, authorization and oauth2 in ScrapeConfig CRD. #8480
• [CHANGE] Add minimum length validations to string fields in ScrapeConfig CRD. #8479
• [CHANGE] Add validations for VictorOps receiver in AlertmanagerConfig CRD. #8220
• [CHANGE] Add validations for OpsGenie receiver in AlertmanagerConfig CRD. #8267
• [CHANGE] Add validations for Email receiver in AlertmanagerConfig CRD. #8270
• [FEATURE] Implement shard retention based on Prometheus data retention (it requires the PrometheusShardRetentionPolicy feature gate). #8478
• [FEATURE] Configure node selector when sharding mode is Topology for Prometheus and PrometheusAgent custom resources (it requires the PrometheusTopologySharding feature gate). #8486
• [FEATURE] Configure external label with topology information when sharding mode is Topology for Prometheus and PrometheusAgent custom resources (it requires the PrometheusTopologySharding feature gate). #8519
• [FEATURE] Distribute scrape targets within topology zones when sharding mode is Topology for Prometheus and PrometheusAgent custom resources (it requires the PrometheusTopologySharding feature gate). #8538
• [FEATURE] Add --promql-options CLI argument to the admission-webhook binary. #8531
• [FEATURE] Validate PrometheusRule resources selected by Prometheus resources based on the PromQL enabled features. #8545
• [FEATURE] Add workload identity authentication method for AzureSD in ScrapeConfig CRD. #8489
• [ENHANCEMENT] Support strategic merge patch of container probes when workloads are configured with HTTPS. #8427
• [ENHANCEMENT] Support auth_secret_file field for Email receiver in Alertmanager configuration Secret. #8394
• [ENHANCEMENT] Support smtp_auth_secret_file field in Alertmanager configuration Secret. #8396
• [ENHANCEMENT] Add externalId field to SigV4 configuration in Alertmanager, Prometheus, PrometheusAgent and ThanosRuler CRDs. #8494
• [ENHANCEMENT] Add cipherSuites support for Thanos Sidecars and Rulers. #8524
• [ENHANCEMENT] Add curves support for Thanos Sidecars and Rulers. #8542
• [ENHANCEMENT] Speed up configuration reloads by watching the config file's parent directory. #7366
• [ENHANCEMENT] Support Mattermost global webhook URL support in Alertmanager configuration Secret. #8501
• [ENHANCEMENT] Add Mattermost global webhook URL support in Alertmanager CRD. #8503 #8534
• [ENHANCEMENT] Support payload field for Webhook receiver in Alertmanager configuration Secret. #8505
• [ENHANCEMENT] Support attachment fields for Mattermost receiver in Alertmanager configuration Secret. #8508
• [ENHANCEMENT] Support update_message field for Slack receiver in Alertmanager configuration Secret. #8502
• [ENHANCEMENT] Add threading configuration for email receiver in AlertmanagerConfig CRD. #8400
• [ENHANCEMENT] Add healthFilter field for ConsulSD in ScrapeConfig CRD. #8529
• [BUGFIX] Ensure that inactive shards don't scrape any targets when the sharding retention policy is Retain. #8513
• [BUGFIX] Fix Telegram bot token validation in Alertmanager configuration Secret. #8465

0.90.1 / 2026-03-25

• [BUGFIX] Fix Probe ignoring HTTP client settings in scrape configuration. #8461

0.90.0 / 2026-03-19

• [CHANGE/BUGFIX] Validate that the remote-write URL scheme is either http or https. #8455
• [FEATURE] Add --repair-policy-for-statefulsets CLI argument to the operator. It defines how the operator manages StatefulSet's pods stuck at an incorrect revision. Users running Kubernetes v1.35+ are encouraged to enable this feature (see troubleshooting guide). #8443
• [FEATURE] Add schedulerName support to the Prometheus, PrometheusAgent, Alertmanager and ThanosRuler CRDs. #8451
• [ENHANCEMENT] Add --web.tls-curves CLI argument to the operator and admission-webhook binaries. #8385
• [ENHANCEMENT] Support minimum TLS version for Thanos gRPC servers. #8438
• [ENHANCEMENT] Add version label to ThanosRuler pods. #8441
• [ENHANCEMENT] Add messageText support for Slack receiver in AlertmanagerConfig CRD. #8374
• [ENHANCEMENT] Add messageText support for Slack receiver in Alertmanager secret config. #8375
• [ENHANCEMENT] Add forceImplicitTLS support for SMTP email config in Alertmanager secret config. #8384 #8404
• [ENHANCEMENT] Add forceImplicitTLS support for SMTP email config in AlertmanagerConfig CRD. #8386
• [ENHANCEMENT] Add forceImplicitTLS support for SMTP global config in Alertmanager secret config. #8405
• [ENHANCEMENT] Add forceImplicitTLS support for SMTP global config in Alertmanager CRD. #8406
• [ENHANCEMENT] Add support for global Telegram bot token in Alertmanager CRD. #8372
• [ENHANCEMENT] Add chatIDFile support for Telegram receiver in Alertmanager secret config. #8376
• [ENHANCEMENT] Add wechatAPISecretFile support in Alertmanager global config. #8377

... (truncated)

Changelog

Sourced from github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring's changelog.

0.91.0 / 2026-05-05

• [CHANGE] Enforce mutual exclusion of basicAuth, authorization and oauth2 in ScrapeConfig CRD. #8480
• [CHANGE] Add minimum length validations to string fields in ScrapeConfig CRD. #8479
• [CHANGE] Add validations for VictorOps receiver in AlertmanagerConfig CRD. #8220
• [CHANGE] Add validations for OpsGenie receiver in AlertmanagerConfig CRD. #8267
• [CHANGE] Add validations for Email receiver in AlertmanagerConfig CRD. #8270
• [FEATURE] Implement shard retention based on Prometheus data retention (it requires the PrometheusShardRetentionPolicy feature gate). #8478
• [FEATURE] Configure node selector when sharding mode is Topology for Prometheus and PrometheusAgent custom resources (it requires the PrometheusTopologySharding feature gate). #8486
• [FEATURE] Configure external label with topology information when sharding mode is Topology for Prometheus and PrometheusAgent custom resources (it requires the PrometheusTopologySharding feature gate). #8519
• [FEATURE] Distribute scrape targets within topology zones when sharding mode is Topology for Prometheus and PrometheusAgent custom resources (it requires the PrometheusTopologySharding feature gate). #8538
• [FEATURE] Add --promql-options CLI argument to the admission-webhook binary. #8531
• [FEATURE] Validate PrometheusRule resources selected by Prometheus resources based on the PromQL enabled features. #8545
• [FEATURE] Add workload identity authentication method for AzureSD in ScrapeConfig CRD. #8489
• [ENHANCEMENT] Support strategic merge patch of container probes when workloads are configured with HTTPS. #8427
• [ENHANCEMENT] Support auth_secret_file field for Email receiver in Alertmanager configuration Secret. #8394
• [ENHANCEMENT] Support smtp_auth_secret_file field in Alertmanager configuration Secret. #8396
• [ENHANCEMENT] Add externalId field to SigV4 configuration in Alertmanager, Prometheus, PrometheusAgent and ThanosRuler CRDs. #8494
• [ENHANCEMENT] Add cipherSuites support for Thanos Sidecars and Rulers. #8524
• [ENHANCEMENT] Add curves support for Thanos Sidecars and Rulers. #8542
• [ENHANCEMENT] Speed up configuration reloads by watching the config file's parent directory. #7366
• [ENHANCEMENT] Support Mattermost global webhook URL support in Alertmanager configuration Secret. #8501
• [ENHANCEMENT] Add Mattermost global webhook URL support in Alertmanager CRD. #8503 #8534
• [ENHANCEMENT] Support payload field for Webhook receiver in Alertmanager configuration Secret. #8505
• [ENHANCEMENT] Support attachment fields for Mattermost receiver in Alertmanager configuration Secret. #8508
• [ENHANCEMENT] Support update_message field for Slack receiver in Alertmanager configuration Secret. #8502
• [ENHANCEMENT] Add threading configuration for email receiver in AlertmanagerConfig CRD. #8400
• [ENHANCEMENT] Add healthFilter field for ConsulSD in ScrapeConfig CRD. #8529
• [BUGFIX] Ensure that inactive shards don't scrape any targets when the sharding retention policy is Retain. #8513
• [BUGFIX] Fix Telegram bot token validation in Alertmanager configuration Secret. #8465

0.90.1 / 2026-03-25

• [BUGFIX] Fix Probe ignoring HTTP client settings in scrape configuration. #8461

0.90.0 / 2026-03-19

• [CHANGE/BUGFIX] Validate that the remote-write URL scheme is either http or https. #8455
• [FEATURE] Add --repair-policy-for-statefulsets CLI argument to the operator. It defines how the operator manages StatefulSet's pods stuck at an incorrect revision. Users running Kubernetes v1.35+ are encouraged to enable this feature (see troubleshooting guide). #8443
• [FEATURE] Add schedulerName support to the Prometheus, PrometheusAgent, Alertmanager and ThanosRuler CRDs. #8451
• [ENHANCEMENT] Add --web.tls-curves CLI argument to the operator and admission-webhook binaries. #8385
• [ENHANCEMENT] Support minimum TLS version for Thanos gRPC servers. #8438
• [ENHANCEMENT] Add version label to ThanosRuler pods. #8441
• [ENHANCEMENT] Add messageText support for Slack receiver in AlertmanagerConfig CRD. #8374
• [ENHANCEMENT] Add messageText support for Slack receiver in Alertmanager secret config. #8375
• [ENHANCEMENT] Add forceImplicitTLS support for SMTP email config in Alertmanager secret config. #8384 #8404
• [ENHANCEMENT] Add forceImplicitTLS support for SMTP email config in AlertmanagerConfig CRD. #8386
• [ENHANCEMENT] Add forceImplicitTLS support for SMTP global config in Alertmanager secret config. #8405
• [ENHANCEMENT] Add forceImplicitTLS support for SMTP global config in Alertmanager CRD. #8406
• [ENHANCEMENT] Add support for global Telegram bot token in Alertmanager CRD. #8372

... (truncated)

Commits

• e138807 *: cut v0.91.0 (#8552)
• 458f5d3 *: cut v0.91.0
• 65e40ce feat: add healthFilter field to ConsulSDConfig in prometheus CRD (#8529)
• e94a151 feat: validate PrometheusRule based on PromQL enabled features (#8545)
• 9e89b2c Merge pull request #8550 from prometheus-operator/dependabot/go_modules/githu...
• ca8c72e build(deps): bump github.com/prometheus/alertmanager
• 254b54b feat: validate PrometheusRule based on PromQL enabled features
• fc8478c Merge pull request #8494 from kubeservice-stack/update-sigv4
• da2fa1a Merge pull request #8544 from simonpasquier/refactor-shard-tests
• 2686372 test: refactor sharding e2e tests
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Summary by CodeRabbit

• Chores
  • Updated Kubernetes integration libraries to latest versions for improved compatibility and stability.
  • Refreshed Prometheus and monitoring-related dependencies to ensure optimal performance.
  • Upgraded YAML parsing library for enhanced reliability.
  • Refined indirect dependencies to reflect upstream updates.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: d3668341-1793-44d9-8e50-d7084587c079

📥 Commits

Reviewing files that changed from the base of the PR and between 0a6b5ac and 43699b4.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (1)

• go.mod

---

Walkthrough

The PR updates go.mod by adding new monitoring and Kubernetes-related dependencies (Prometheus operator v0.91.0, Prometheus client_golang v1.23.2, multiple k8s.io libraries at v0.35.4) and bumping versions of existing dependencies including yaml/v2 (v2.4.4), kube-openapi, and structured-merge-diff/v6 (v6.3.2).

Changes

Dependency Version Updates

Layer / File(s)	Summary
Monitoring & Prometheus Dependencies go.mod (lines 16–24)	Adds prometheus-operator monitoring v0.91.0, prometheus client_golang v1.23.2, and gomodules jsonpatch v2.5.0 to the primary require block.
Kubernetes Libraries go.mod (lines 16–24)	Adds k8s.io/api, k8s.io/apimachinery, k8s.io/client-go, k8s.io/apiextensions-apiserver, and k8s.io/klog/v2 at v0.35.4; updates k8s.io/utils to a 2026-02-10 pseudo-version.
Other Dependency Updates go.mod (lines 66, 83–86)	go.yaml.in/yaml/v2 bumped to v2.4.4; kube-openapi updated to 2026-03-17 pseudo-version; structured-merge-diff/v6 updated to v6.3.2.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 7 | ❌ 5

❌ Failed checks (5 warnings)

Check name	Status	Explanation	Resolution
Test Structure And Quality	⚠️ Warning	Ginkgo tests violate quality requirements: tests combine unrelated behaviors, missing resource cleanup, wait.For lacks explicit timeouts, and assertions lack consistent meaningful messages.	Refactor tests for single responsibility, add cleanup for created resources, add explicit timeouts to wait operations, and add meaningful messages to all assertions.
Microshift Test Compatibility	⚠️ Warning	New tests use config.openshift.io (FeatureGate, ClusterVersion) and managed.openshift.io APIs, plus multi-node assumptions (infra nodes) without [apigroup:...] tags or [Skipped:MicroShift] labels.	Add [apigroup:config.openshift.io], [apigroup:managed.openshift.io], or [Skipped:MicroShift] tags to test names. Guard infra-node tests with IsMicroShiftCluster() checks.
Single Node Openshift (Sno) Test Compatibility	⚠️ Warning	Multiple e2e tests assume multi-node clusters and infra nodes, which don't exist in SNO. No SNO compatibility protections found.	Add [Skipped:SingleReplicaTopology] labels to infra-node tests or guard with SNO topology checks. Test with: /payload-job periodic-ci-openshift-release-master-ci-4.22-e2e-aws-upgrade-ovn-single-node
Topology-Aware Scheduling Compatibility	⚠️ Warning	Deployment adds required pod anti-affinity (topologyKey: zone) without topology-aware detection. May fail on SNO/TNA/TNF topologies during rolling updates.	Replace required anti-affinity with preferred, or add topology awareness via infrastructure.Status.ControlPlaneTopology to adjust constraints per topology.
Ipv6 And Disconnected Network Test Compatibility	⚠️ Warning	New e2e tests pull images from public registries (quay.io, registry.access.redhat.com) requiring internet connectivity in disconnected environments.	Use internal registries, add [Skipped:Disconnected] tag, or pre-cache images for disconnected environment compatibility.

✅ Passed checks (7 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title specifically mentions the prometheus-operator dependency bump, which is the primary change highlighted in the raw summary and PR objectives.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names	✅ Passed	All Ginkgo test names are stable and deterministic. No test titles contain dynamic data like pod names, UUIDs, timestamps, or other changing values. Dynamic values are correctly used in test bodies.
Ote Binary Stdout Contract	✅ Passed	This PR only updates Go module dependencies (go.mod/go.sum). Code files (cmd/main.go, cmd/fips.go) show zero changes. Pre-existing stdout violations not introduced by this PR.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/go_modules/github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring-0.91.0

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign joshbranham for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[openshift-ci]

@dependabot[bot]: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/pr-check	43699b4	link	true	/test pr-check

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.